inet_interfaces = allinet_protocols = allSince I run dual-stack, the second line makes it use both IPv4 & IPv6. First line I have that way by default, but would make sense if you've terminated a tunnel on your mail server and need that interface included.

I probably could (and should) combine the top two into 1 and bottom two into 1.

IPv4 address is used for several domains.IPv6 is used only for the specific domain.tld and www.domain.tld - which is why the domain specific conf file is where the NameVirtualHost for the IPv6 goes (and is actually only needed for the mod_rewrite when the non www domain is requested)

Using a unique IP for each domain.tld in IPv6 lets me use that same unique IPv6 for each domain on port 443.

I know most if not every browser that supports IPv6 also supports NSI but since NSI isn't really needed for IPv6 - I don't want to rely on the NSI support being there, so if I ever want/need to add an SSL host to that domain, it's good to already have a unique IPv6 for it.

IPv4 users - well, they might get an SSL cert mis-match, as I do not wish to be greedy with IPv4 address.

Only potential issue I see is I may need to issue kernel directive to increase number of IPv6 addresses (I think default max is 16 on RHEL/CentOS 6, I'll have to check. Increasing it isn't hard though)

I probably could (and should) combine the top two into 1 and bottom two into 1.

IPv4 address is used for several domains.IPv6 is used only for the specific domain.tld and www.domain.tld - which is why the domain specific conf file is where the NameVirtualHost for the IPv6 goes (and is actually only needed for the mod_rewrite when the non www domain is requested)

Using a unique IP for each domain.tld in IPv6 lets me use that same unique IPv6 for each domain on port 443.

I know most if not every browser that supports IPv6 also supports NSI but since NSI isn't really needed for IPv6 - I don't want to rely on the NSI support being there, so if I ever want/need to add an SSL host to that domain, it's good to already have a unique IPv6 for it.

IPv4 users - well, they might get an SSL cert mis-match, as I do not wish to be greedy with IPv4 address.

Only potential issue I see is I may need to issue kernel directive to increase number of IPv6 addresses (I think default max is 16 on RHEL/CentOS 6, I'll have to check. Increasing it isn't hard though)